<?php
namespace app\api\controller;
/*
 * content : 权限验证类 
 * Author  : Songyicong 
 * time    : 2018-04-24 17:39:27 
 * email   : m13726262373@163.com 
 */

 use think\Request;
 use think\Db;
 use think\Cache;
 use app\api\model\v1\AdminAuth;
 use app\api\model\v1\UserAuth;
 use app\api\extra\Send;
 use app\api\model\v1\UrlAuth;
 use app\api\model\v1\AdminOpend;
 class Check{

    use Send;
    /** 检测 access_token 是否正确，从数据库中判断 (不做缓存，后期版本可以优化) */
    public function checkToken(Request $request,$isHeader){
        try{
            if($isHeader){
                $param = $request->header();
                $access_token = empty($param['access-token'])?"":$param['access-token'];
            }else{
                $param = $request->param();
                $access_token = empty($param['access_token'])?"":$param['access_token'];
            }
            // 获取用户访问信息
            $auth = new AdminAuth();
            $admin_auth = $auth->isAccessToken($access_token);
            if(empty($admin_auth['expires_in']) || time()>$admin_auth['expires_in']){
                return false;
            }
            return $admin_auth;
        }catch(Exception $e){
            return self::sendError(100000,$e->getMessage().'Service is Error！',500);
        }
    }

    /** 检测后台用户权限是否具有权限，从数据库中判断（不做缓存，后期可以优化） */
    public function checkAdminAuth(Request $request , $isHeader,$auth_num = 0){
        try{
            // 判断 open_id 是否具有
            if($isHeader){
                $param = $request->header();
                $open_id = empty($param['open_id'])?"":$param['open_id'];
            }else{
                $param = $request->param();
                $open_id = empty($param['open_id'])?"":$param['open_id'];
            }
            
            // 获取用户权限信息
            $auth = new AdminOpend();
            $user_auth = $auth->isOpenId($open_id);
            if(empty($user_auth)){
                return self::sendError(100001,'open_id is Error！',500);
            }
            $auth_num = $auth_num > $user_auth['auth_num'] ? $user_auth['auth_num'] : $auth_num;
            // 获取 url 的访问权限
            $urlAuth = UrlAuth::isUrlAuth($request->routeInfo()['route']);
            if(empty($urlAuth)){
                return self::sendError(100002,'url token auth is Error！',500);
            }
            if($urlAuth['auth_num']<=$auth_num){
                // 返回权限值
                return $user_auth;
            }
            return self::sendError(100003,'insufficient open id permissions ',200);
            
        }catch(Exception $e){
            return self::sendError(100000,$e->getMessage().'Service is Error！',500);
        }

    }

    /** 检测用户权限是否具有权限，从数据库中判断（不做缓存，后期可以优化） */
    public function checkUserAuth(Request $request , $isHeader,$auth_num = 0){
        try{
            // 判断 open_id 是否具有
            if($isHeader){
                $param = $request->header();
                $open_id = empty($param['open_id'])?"":$param['open_id'];
            }else{
                $param = $request->param();
                $open_id = empty($param['open_id'])?"":$param['open_id'];
            }
            
            // 获取用户权限信息
            $auth = new UserAuth();
            $user_auth = $auth->isOpenId($open_id);
            if(empty($user_auth)){
                return self::sendError(100001,'open_id is Error！',500);
            }
            $auth_num = $auth_num > $user_auth['auth_num'] ? $user_auth['auth_num'] : $auth_num;
            // 获取 url 的访问权限
            $urlAuth = UrlAuth::isUrlAuth($request->routeInfo()['route']);
            if(empty($urlAuth)){
                return self::sendError(100002,'url token auth is Error！',500);
            }
            if($urlAuth['auth_num']<=$auth_num){
                // 返回权限值
                return $user_auth;
            }
            return self::sendError(100003,'insufficient open id permissions ',200);
            
        }catch(Exception $e){
            return self::sendError(100000,$e->getMessage().'Service is Error！',500);
        }
    }
 }
